A board of elections vote was postponed Thursday after clerks could not retrieve information from county servers about proposed third party vendor services.

The Floyd County Board of Elections rescheduled the vote to noon on Friday as county IT workers continue to work to restore servers attacked by ransomware.

The county servers were infected with a variation of the ransomware virus Phobos over the weekend and were immediately shut down after the virus was discovered Monday morning.

Variations of Phobos have spread in many industries around the world. The program encrypts files and keeps them locked down until a ransom is paid.

County IT Director La Sonja Holcomb said the attack could have come from almost anything, such as an email, flash drive or using remote desktop software by employees who work from home.

“When you’ve got thousands of emails and connection points to external servers, you’re exposed,” County Manager Jamie McCord said.

Since then, the county has been able to function normally for the most part.

Some employees and departments are still waiting on their computers to be scanned, particularly document servers and document management servers.

“Those are huge servers, like terabytes of data, that are not finished yet,” Holcomb said. “We’re putting two or three people at different places today and having them look at data and making sure everything looks right. Then we’re checking on some servers to make sure everything looks clean and staying up and stable.”

Holcomb and her team have been working almost nonstop since the virus was discovered. They began scanning the server for the county manager’s office at 1:30 a.m. Thursday and finished up around 4 p.m.

For the past week, county employees have been working off of older backups on their scanned computers or using personal devices to get their work done.

Once all of the servers are checked and appear clean from the virus, they can go back to saving new data.

McCord said the county tries to educate their staff as much as possible to identify any kind of scams or phishing. Despite that, there is still the risk of someone finding a security hole and hacking into the system.

Looking forward, Holcomb and the rest of the IT department will be working on increasing the security of servers for the county and adapting to new technology.

Recommended for you